A brief perusal of [Duflot's] paper shows that it describes a way for the *superuser* to circumvent securelevel restrictions. This is interesting, but

(a) it describes an attack by a malicious *superuser*, and
(b) it describes an attack by a malicious person who *already* has an account on the machine under attack.

(a) in particular makes this of more academic than practical concern -- a malicious superuser has about 6.02e23 different ways to take over the system, so adding one more is of little interest. This "attack" is trivially preventable by not allowing malicious persons to become superuser in the first place, indeed by not giving them logins.

Duflot was scheduled to speak on SMM once again this week at CanSecWest, which ends today. Duflot has been harking on various security implications of the x86 SMM for some years.

My cursory interpretation -- I could be wrong -- is that the biggest area for concern, or at least awareness, for *nix users on this architecture is the use of XFree86 or X.Org, which exploit SMM. See xf86(4).

I found an old interview with Duflot which may be helpful, describing SMM and the X11-based weakness for *nix systems in more detail.

I did not recall the issue clearly, when I wrote above that X uses SMM. It doesn't. SMM uses legacy video RAM memory, and that is where the weakness lies. But I had read this interview 3 years ago, as I remembered the title:

BSDfan's Wiki reference has a link in the footnotes to an article describing a demonstration SMM-based rootkit shown at the Black Hat '08 conference. The key to such things is that OSes and their applications do not have access to SMM datablocks, and would be blind to code hidden therein.

I posted the link with academic interest in mind rather than a supposition of an actual concern about vulnerability. Involvement in the BSDs suggests at least a little technical expertise. I actually found it through a Mac OSX forum.